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CROSS REFERENCE TO RELATED APPLICATIONS 

This application is co-pending with and claims pursuant to 
35 U.S.C. § 120 as to its common subject matter the filing date 
of patent application serial number 09/637,742, filed August 11, 
2000, and patent application serial number 09/657,745, filed 
September 8, 2000. 

TECHNICAL FIELD 

The invention relates generally to wireless networks, and 
more particularly to an adapter and method for extending stand- 
alone wireless access points to enable their delivery of an 
integrated solution within a network environment. 

BACKGROUND 

Short-range wireless technologies such as 802.11, Bluetooth, 
HomeRF, and others are being rapidly deployed to allow mobile 
devices to connect with existing intra-building wired Local Area 
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Networks (LANs) . To enable this connectivity, wireless access 
points are being developed by various manufacturers. An example of 
such an access point is the Aironet 340 access point (an 802.11 
type access point) manufactured by Cisco Systems, Inc. of San Jose, 
*5 California. Another example is the AXIS 9010 access point (a 
Bluetooth type access point) manufactured by Axis Corporation of 
Lund, Sweden. 

Traditional wireless access points provide limited 
10 functionality, essentially limited to enabling a so-called 
"hotspot" of connectivity to the LAN. The access point operates by 
forwarding data packets from the wireless environment to the wired 
LAN, and vice versa. However, within an environment containing 
multiple access points, conventional stand-alone access points have 
15 several limitations. For example, a stand-alone access point: (1) 
cannot be centrally managed; (2) cannot support layer 3 (IP) 
roaming with other access points; (3) cannot enforce quality-of- 
service (QoS) metrics; (4) cannot deliver centralized logging and 
reporting; and (5) provides only limited security and 
20 authentication capability, and no server managed security. 

Existing efforts to address the aforementioned limitations 
involve the incorporation of new infrastructure into an existing 
network to provide some of the missing services for the access 
25 points. One example of this approach is the combination of a Cisco 
Aironet 350 access point and a Cisco Secure Access Control Server 
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for delivery of authentication and dynamic encryption key 
generation services. Another example of this approach is the 
incorporation of a 3Com SuperStack II switch for delivery of 
authentication and virtual private networking (VPN) access to 

"5 wireless users. Such conventional approaches, however, require one 
or more of the following: (1) mandatory software on the client 
devices (e.g., VPN software); (2) particular versions of wireless 
client hardware or firmware, thereby forcing a homogeneous 
environment; (3) upgrades to the existing wireless access points; 

10 and (4) complex network configurations, since multiple pieces of 
infrastructure must be separately installed, configured and 
managed. 

These requirements make deployment difficult, limit device 
15 choice, and do not provide a scalable approach to delivering all of 
the required services for the access points in an enterprise 
network. Accordingly, there is an established need for 
improvements over prior art wireless access point systems. 



20 

SUMMARY OF. THE INVENTION 
It is an object of the present invention to provide a network 
adapter for an access point within a networked environment. 



25 



It is another object of the present invention to provide a 
network adapter for a plurality of access points within a switched 
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Local Area Network. 



In a preferred embodiment of the invention, an adapter device 
is provided connected to each short-range wireless access point in 

"5 a network. Each packet transmitted between an access point and the 
wired LAN passes through the adapter. The adapter may be 
implemented as a stand-alone Personal Computer (PC), a special- 
purpose computing appliance, or as a component that is physically 
coupled to the access point, with the component / access point 

10 combination encapsulated within a single enclosure. 

In one aspect of the invention, the adapter is implemented as 
a software component or module loaded into the memory of the access 
point. Preferably, the adapter comprises a wireline network 
15 interface, a wireless network interface, an IP stack and network 
coordination software. 

In another aspect of the invention incorporated within a 
switched LAN environment, a single adapter device can support a 
20 plurality of short-range wireless access points. 

BRIEF DESCRIPTION OF THE DRAWINGS 

25 The preferred embodiments of the invention will hereinafter be 

described in conjunction with the appended drawings provided to 
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illustrate and not to limit the invention, where like designations 
denote like elements, and in which: 



FIG. 1 is a block diagram of an adapter connecting wired and 
fct 5 wireless networks, in accordance with the present invention; 

FIG. 2 is a block diagram of an adapter, in accordance with 
the present invention; 

10 FIG. 3 is a flow chart illustrating a method for forwarding a 

packet to a wireless interface, in accordance with the present 
invention; 

FIG. 4 is a flow chart illustrating a method for forwarding a 
15 packet to a wireline interface, in accordance with the present 
invention; 

FIG. 5 is a block diagram of an adapter connected to a 
plurality of access points through a switch, in accordance with the 
20 present invention; 

FIG. 6 is a block diagram illustrating three individual access 
point segments connected to a single adapter, in accordance with 
the present invention; and 

25 

FIG. 7 is a block diagram of an adapter connecting to access 
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points from different wireless networks, in accordance with the 
present invention . 

DETAILED DESCRIPTION OF THE INVENTION 
-5 Generally, a typical network environment consists of a network 

control server connected to a wired Local Area Network (LAN) . The 
adapter's wireline network interface is connected to the Local Area 
Network and the adapter's wireless network interface is connected 
to an access point. The network control server is connected to the 
10 Local Area Network, which in turn is connected to the Internet 
backbone . 

Referring now to FIGS . 1 and 2, one or more adapters 101 are 
provided connected to corresponding short-range wireless access 

15 points 100. In the preferred embodiment of the present invention, 
adapter 101 has two network interfaces, a wireless network 
interface and a wireline network interface. The wireless network 
interface is connected directly to each access point 100, while the 
wireline network interface is connected directly to a local area 

20 network (LAN) 102 or, alternatively, to a switch/router (not shown 
in FIG. 1) . In this manner, all packets sent between access point 
100 and the wired LAN 102 must pass through the adapter 101. 

The adapters 101 communicate with a Network Control Server 
25 (NCS) 103 which maintains information required by the adapters 101 
in the networked environment. Preferably, the NCS 103 communicates 
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with the adapters 101 via LAN 102. However, as will be apparent to 
those skilled in the art, the Network Control Server 103 can be 
attached directly to each adapter 101, or it can communicate with 
the adapters via a wide-area network (WAN) , such as the Internet. 

Adapter 101 can be implemented as a stand-alone personal 
computer (PC) or, alternatively, as a special-purpose computing 
appliance. Alternatively, the adapter 101 can be implemented as a 
component physically coupled to the access point 100, with the 
10 combination encapsulated within a single enclosure. In further 
aspects of the invention, the adapter 101 is implemented as a 
software component or module loaded into the memory of access point 
100. 

15 in' an alternative embodiment of the present invention, adapter 

101 functions with an existing wired LAN port, instead of a short- 
range wireless access point 100. In this case, the adapter's 
wireline interface 200 is attached to a LAN port (as usual) , and a 
client device or switch can be attached to the adapter's wireless 

20 network interface 201 (instead of an access point) . 

Commonly-assigned pending U.S. patent application serial 
number 09/637,742, filed August 11, 2000, and incorporated herein 
by reference, which is titled "Enabling Seamless User Mobility in 
25 a Short-Range Wireless Networking Environment", discloses a 
wireless networking system wherein a central core server resides in 

Docket 6020.0100 -7- 



the network infrastructure and provides services to Handoff 
Management Points (HMPs) as users of devices roam through the 
environment. The system of the present invention can be 
implemented in combination with this commonly-assigned invention, 
K 5 wherein the network control server 103 is co-located with the core 
server or, alternatively, where the network adapters 101 are co- 
located with the HMPs . This combined configuration enables clients 
to travel seamlessly between access points that do not directly 
support coordination through the core server. 

10 

Commonly-assigned pending U.S. patent application serial 
number 09/657,745, filed September 8, 2000, and incorporated herein 
by reference, which is titled "Location-Independent Routing and 
Secure Access in a Short-Range Wireless Networking Environment", 

15 discloses a system wherein a routing coordinator maintains a 
plurality of connection table records and wherein a plurality of 
Home Agent Masqueraders (HAMs) and Foreign Agent Masqueraders 
(FAMs) communicate with the routing coordinator to ensure that 
client data connections are preserved as the client travels 

20 throughout the short-range wireless network environment. Each of 
the connection table records includes a client address and port, 
and a server address and port. The system of the present invention 
can be implemented in combination with this commonly-assigned 
invention, where the network control server 103 is co-located with 

25 the routing coordinator or, alternatively, where the network 
adapters 101 are co-located with the HAMs and FAMs. The combined 
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configuration enables clients to preserve network connections as 
they travel through a short-range wireless network environment and 
communicate with access points that do not directly support 
coordination through the routing coordinator. 

Accordingly, the network control server 103 of the present 
invention can be co-located with the core server and/or the routing 
coordinator of the above-identified commonly-assigned inventions. 
Moreover, the adapters 101 described in the present invention can 
be co-located with the HMP and/or the HAM or FAM of these commonly- 
assigned inventions. 

As best depicted in FIG. 2, adapter 101 includes a wireline 
network interface 200, a wireless network interface 201, network 
15 coordination software 202, and an augmented IP stack 203. 

Wireline network interface 200 can comprise an Ethernet, token 
ring or other any other local area network (LAN) interface known in 
the art. In the preferred embodiment of the present invention, 
20 network adapter 101 incorporates a single wireline network 
interface 200. However, as will be apparent to those skilled in 
the art, alternative embodiments of the present invention can 
include multiple wireline network interfaces, each connecting the 
adapter 101 to a different LAN. 

25 

Wireless network interface 201 can comprise an Ethernet 
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connection, serial cable, RS232 or other cable connection to a 
wireless access point 100. Preferably, network adapter 101 
incorporates a single wireless network interface 201. However, as 
will be apparent to those skilled in the art, alternative 
' 5 embodiments of the present invention can include multiple wireless 
network interfaces, each connecting the adapter 101 to a different 
wireless access point 100. (See FIGS. 5-7, for example.) 

Network coordination software 202 is provided for 
10 communicating with the network control server 103 to provide 
coordination functions on behalf of the adapted access points 100 
within the managed network environment. In the preferred 
embodiment of the present invention, the network coordination 
software 202 enables the adapter to retrieve network security and 
15 quality-of-service policies, retrieve packet rewriting rules, 
transmit logs and alerts, and disseminate information pertaining to 
device arrival and departure. Furthermore, the software receives 
management commands that are forwarded to the access point itself. 

20 Augmented IP stack 203 comprises an IP stack that has been 

instrumented with particular features to enforce the managed 
network environment. In the preferred embodiment of the present 
invention, the aforementioned features include, but are not limited 
to, packet filtering and packet rewriting. The packet filtering 

25 feature prevents a packet from being forwarded to its intended 
destination, in accordance with the security, quality-of-service or 
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other policies within the managed network environment. The packet 
rewriting feature rewrites a packet before it is forwarded to an 
intended destination, in accordance with the policies within the 
managed network environment. In the preferred embodiment of the 
' 5 present invention, the packet rewriting functions include Network 
Address Translation (NAT) , an address management technique that is 
well known in the prior art. In one aspect of the present 
invention, the packet rewriting policies enable a layer 3 (IP) 
roaming capability. 

10 

In an alternate embodiment of the present invention, the 
augmented IP stack 203 includes support for a mobile IP Foreign 
Agent (FA) . The mobile IP protocol is defined in RFC 2002, 
available on the Internet at www.rfc-editor.org. In a further 

15 alternate embodiment of the present invention, the augmented IP 
stack includes services that detect and handle packets 
corresponding to various standard protocols such as the Domain Name 
Service (DNS) protocol, Dynamic Host Configuration Protocol (DHCP), 
Remote Authentication Dial-In User Service (RADIUS) protocol, and 

20 Internet Group Management Protocol (IGMP) . The augmented IP stack, 
upon detecting a packet corresponding to one of these services, may 
filter the packet, forward the packet or generate a response in 
accordance with the policies within the managed network 
environment . 

25 

Referring now to FIG. 3, a preferred method of forwarding a 
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packet to the wireless network is illustrated. Upon receipt by 
wireline interface 300, the packet is forwarded to augmented IP 
stack 301. Initially, the augmented IP stack 301 determines 
whether the packet should be discarded 302. If so, the packet is 

* 5 discarded 303 and the processing is completed. If not, the 
augmented protocol stack determines whether the packet must be 
modified 304; if so, the packet is modified in accordance with the 
implementation of the adapter 101. Finally, the packet is 
forwarded to the wireless network interface for transmission 305. 

10 At various points in this process, it may be necessary for the 
adapter 101 to obtain configuration information from the network 
control server, in which case the network coordination software in 
the adapter is invoked to retrieve such information. At various 
points in this process, the adapter may be required to report 

15 information to the network control server, in which case the 
network coordination software in the adapter is invoked to report 
the information. 

Referring now to FIG. 4, a preferred method of forwarding a 
20 packet to the wireline network interface is illustrated. Upon 
being received by the wireless interface 400, a packet is initially 
forwarded to augmented IP stack 401. The augmented protocol stack 
determines whether the packet should be discarded (402) and, if so, 
the packet is discarded 403 and processing is completed. Where the 
25 packet is not to be discarded, the augmented protocol stack 
determines whether the packet requires modification 404. If 
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modification is required, the packet is modified in accordance with 
the implementation of the adapter 101. Subsequently, the packet is 
forwarded to the wireline network interface for transmission 405. 
At various points in this process, the adapter 101 may require 

r 5 configuration information from the network control server, in which 
case the network coordination software in the adapter is invoked to 
retrieve that information. At various points in this process, the 
adapter may be required to report information to the network 
control server, in which case the network coordination software in 

10 the adapter is invoked to report that information. 

Referring now to FIG. 5, the adapter 101 is illustrated 
connected to a plurality of access points 100 via a switch 500. In 
an alternative embodiment of the present invention, adapter 101 

15 provides services to a plurality of short-range wireless access 
points 100. In this environment, a plurality of short-range 
wireless access points 100 are individually coupled to switch 500. 
Although FIG. 5 depicts each access point 100 located on a 
dedicated segment connected to the switch 500, it will be apparent 

20 to those skilled in the art that a single LAN segment can contain 
multiple wireless access points. Adapter 101 is also attached to 
switch 500. In this embodiment, the adapter's wireline and 
wireless interfaces are preferably integrated into a single 
connection 503 of switch 500. In one implementation of this 

25 embodiment, the switch 500 is programmed to automatically forward 
all inbound packets originating from access point LAN segments 
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501a f 501b, 501c (for example) to the LAN segment 503 containing 
the adapter 101. The switch 500 is also programmed to 
automatically forward all packets not originating from the LAN 
segment 503 containing the adapter (e.g., originating from LAN 102 
# 5 and arriving via segment 502) and destined to an access point LAN 
segment 501, to the LAN segment 503 containing the adapter 101. In 
this manner, the adapter 101 can receive and process all packets 
originating from and destined to the access points 100. 

10 Referring now to FIG. 6, in a further alternate embodiment of 

the present invention, adapter 101 supports a plurality of switched 
LANs 500, at least some of which contain wireless access points. 
In FIG. 6, adapter 101 is shown connected to three switched LANs 
containing wireless access points. This is merely for illustrative 

15 purposes; obviously, the number of LANs and access points can vary. 



A plurality of short-range wireless access points 100 provided 
are coupled to each switch 500. There are three access point LANs 
and the switch 500 of each LAN is connected to the wireless network 

20 interface of an adapter 101. The wired network interface of the 
adapter is connected to a pair of wired LANs 102. One or more 
personal computers (PCS) 600 are provided connected to each of the 
wired LANs. In this case, the adapter 101 receives packets sent to 
or from access points connected to all three switches 500. 

25 Moreover, the adapter is able to process packets sent to or from 
multiple wired networks 102. 
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The access points 100 or wireless clients may be programmed to 
forward all wireline-destined packets to the adapter 101 by 
defining the destination media access control (MAC) address to be 
that of the adapter. For example, the access points 100 can be 
* 5 programmed to treat the adapter 101 as a default IP gateway for 
network traffic. 

In an alternate implementation of the present invention, the 

network control server 103 can be co-located with the adapter 101 

10 to reduce the quantity of servers necessarily installed in the 
network environment, and to reduce the overall system cost. 

In a further alternate implementation of the present 
invention, the components of the network control server can be 
15 distributed to provide improved performance or failure handling. 

In another implementation of the present invention, the 
adapter 101 can connect to access points 100 supporting different 
wireless networks. Furthermore, the aforementioned different 
20 wireless networks can incorporate multiple different short-range 
wireless communication technologies. 

Referring now to FIG. 7, the adapter 101 is illustrated 
connected to access points 100 which are connected to multiple 
25 different wireless networks. These different wireless networks can 
employ the same network technology, in which case they have 
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distinguished network identifiers, or they can employ different 
network technologies such as 802.11 and Bluetooth. 

Access points 100 from different wireless networks are 
* 5 connected to an adapter 101 wireless network interface. The adapter 
wired network interface is connected to the wired Local Area 
Network 102. It is to be understood that in alternative 
embodiments, the adapter can be connected to different wireless 
networks through a plurality of switches, as previously described 
10 with respect to FIG. 5 and FIG. 6. 

While the preferred embodiments of the invention have been 
illustrated and described, it will be clear that the invention is 
not limited to these embodiments only. Numerous modifications, 
15 changes, variations, substitutions and equivalents will be apparent 
to those skilled in the art without departing from the spirit and 
scope of the invention as described in the claims. 
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